Esoftplanner Esoft Planner — known CVE vulnerabilities
Every CVE whose affected-product data names Esoftplanner Esoft Planner, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2024-48530 — CVSS 7.5 (high): An issue in the Instructor Appointment Availability module of eSoft Planner 3.24.08271-USA allows attackers to cause a Denial of Service…
CVE-2024-48536 — CVSS 7.5 (high): Incorrect access control in eSoft Planner 3.24.08271-USA allow attackers to view all transactions performed by the company via supplying a…
CVE-2024-48531 — CVSS 5.4 (medium): A reflected cross-site scripting (XSS) vulnerability on the Rental Availability module of eSoft Planner 3.24.08271-USA allows attackers to…
CVE-2024-48534 — CVSS 5.4 (medium): A reflected cross-site scripting (XSS) vulnerability on the Camp Details module of eSoft Planner 3.24.08271-USA allows attackers to execute…
CVE-2024-48535 — CVSS 5.4 (medium): A stored cross-site scripting (XSS) vulnerability in eSoft Planner 3.24.08271-USA allows attackers to execute arbitrary web scripts or HTML…
CVE-2024-48533 — CVSS 5.3 (medium): A discrepancy between responses for valid and invalid e-mail accounts in the Forgot your Login? module of eSoft Planner 3.24.08271-USA…